SOC Analyst Team Lead
Posted on Nov 7, 2019 by E-Frontiers
Explores ways to identify stealthy threats that may have found their way inside networks, without detection, using the latest threat intelligence.
Team lead responsibilities for the SOC Analyst Team
Collects, documents, assesses, and analyzes cyber threat information; presents reports and fndings to management.
Performs digital forensic tasks for cyber-criminal activities. Conducts penetration tests on production system to validate resiliency and identify areas of weakness to fix.
Recommends how to optimize security monitoring tolls based on threat hinting discoveries. Provides technical assistance to other incident response and security operation teams, such as vulnerability assessment and intrusion detection.
IT Security: Physical and electronic protection of data: access control, intrusion detection, virus protection, certification, audit, incident response, security engineering, development and implementation of security policies and procedures.
Management; Senior Level Consulting
Functional, technical or process leadership; Management of multiple teams; High complexity and ambiguity; Tactical responsibilities
Focus on technical activities that require specialized knowledge
- Master's or Bachelor's degree in technical engineering or IT related field; or equivalent experience.
- 4+ years of experience working in Security Operations Centre with a Security Incident & Event Management (SIEM) to correlate events across several devices.
- Certified Information Systems Security Professional (CISSP) or equivalent required.
Knowledge of the methods, channels and processes to obtain needed information; ability to identify, capture and document relevant business information in an auditable,organized,understandable and easily retrievable manner.
Knowledge of customer service concepts and techniques; ability to meet or exceed customer needs and expectations and provide excellent service in a direct or indirect manner.
Accuracy and Attention to Detail
Understanding of the necessity and value of accuracy and attention to detail; ability to process information with high levels of accuracy.
Knowledge of techniques and tools that promote effective analysis and the ability to determine the root cause of organizational problems and create alternative solutions that resolve the problems in the best interest of the business.
Decision Making and Critical Thinking
Knowledge of the decision-making process and associated tools and techniques; ability to accurately analyze situations and reach productive decisions based on informed judgment.
Understanding of e ff ective communication concepts, tools and techniques; ability to effectively transmit, receive, and accurately interpret ideas, information, and needs through the application of appropriate communication behaviors.
Flexibility and Adaptability
Knowledge of successful approaches, tools, and techniques for dealing with changes and adapting to a changing environment; ability to adapt as needed.
Knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems; ability to apply this knowledge appropriately to diverse situations.
Knowledge of the current situation or issue at hand;ability to take full personal responsibility or ownership for assignments, activities, decisions and results.
Tolerance for Ambiguity and Stress
Understanding of the necessity of moving forward with less than perfect information and ability to flexibly and comfortably adapt to changing work demands.
Technical - Information Technology
Knowledge of the tools and processes for maintaining application security; ability to design and implement security programs to prevent data loss and access intrusion from web and mobile applications.
Knowledge of the process and procedure by which a change is identified, evaluated, approved, monitored and documented; ability to e ff ectively control and manage changes in the production environment and in the technology-based assets of the organization (eg, application software, production databases, operating systems software, hardware).
Knowledge of technologies, methods and tools of forensics investigations for IT security violations or potential threats; ability to identify, uncover and evaluate violations, warning reports, suspected incidents and insidious events.
Computer Network Defense
Knowledge of methods and processes to monitor, analyze and respond to network attacks, intrusions or any unauthorized actions; ability to use techniques and tools to perform network defense.
Cybersecurity Risk Management
Knowledge of tools, techniques, approaches and processes of cybersecurity risk management; ability to ensure organizational network operation and minimize negative effect by cybersecurity risks.
Knowledge of concept and features of data networks and the ability to manage an organization's data networks for internal and external information transmission.
Knowledge of and ability to protect an organization's data to ensure privacy during the process of storage and communication.
Digital Threat Management
Knowledge of techniques, approaches and processes of digital threats; ability to detect, monitor, analyze and prevent digital threats.
Knowledge of and the ability to protect information and information systems while ensuring their confidentiality, integrity and availability.
Information Security Audits
Knowledge of and the ability to utilize tools and techniques for assessing the effectiveness of information security measures, identifying potential risk exposures, and protecting the availability, confidentiality and audit trails of information from destruction or manipulation.
Information Security Management
Knowledge of the processes, tools and techniques of information security management, ability to deploy and monitor information security systems, as well as detect, resolve and prevent violations of IT security, to protect organizational data.
Information Security Technologies
Knowledge of technologies and technology-based solutions dealing with information security issues; ability to apply these in protecting information security across the organization.
Information Technology (IT) Security Policies
Knowledge of IT security policies, standards, and procedures; ability to utilize a variety of administrative skill sets and technical knowledge to ensure cyber security compliance.
Internet of Things (IoT)Security
Knowledge of concepts, methods and trends of Internet of Things security; ability to utilize tools and technologies to secure connected IoT devices and network.
Intrusion Detection and Prevention
Knowledge of tools, techniques and processes of intrusion detection and prevention; ability to detect, resolve and prevent intrusion behaviors to protect organizational networks.
Knowledge of the threats, measures and practices of mobile security; ability to reduce mobile risks and protect personal and organizational data and information.
Network and Internet Security
Knowledge of the tools and processes for maintaining network and Internet security; ability to develop and implement safeguards for the prevention of intrusion and unauthorized access.
Knowledge of network concepts, technologies, tools and philosophies, and the ability to design an organization's network infrastructure and services.
Security Information and Event Management(SIEM)
Knowledge of concept, procedures and processes of Security Information and Event Management (SIEM); ability to utilize related applications to protect organizational networks from cyber risks.
Knowledge of vulnerability assessment tools, techniques, models, and systems; ability to utilizes the knowledge to identify vulnerabilities on network.